package com.hgy.plugin.security.password;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;

import com.hgy.common.utils.CodecUtil;

/**
 * 密码匹配器
 * 
 * @author alone
 *
 */
public class Md5CredentialsMatcher implements CredentialsMatcher{

	@Override
	public boolean doCredentialsMatch(AuthenticationToken token,
			AuthenticationInfo info) {

		// 获取从表单提交过来的密码, 明文未加密
		String submitted = String.valueOf(((UsernamePasswordToken)token).getPassword());
		// 获取数据库中存储的面,已加密
		String encrypted = String.valueOf(info.getCredentials());
		return CodecUtil.md5(submitted).equals(encrypted);
	}

}
